In message <[log in to unmask]>, [log in to unmask]
writes
>Rather than encrypt the patient data, why not just encrypt the
>patient identity? I appreciate that as you have steadily more data
>about a given patient, you have a steadily increasing probability of
>identifyint the patient, but if all the more obvious aspects such as
>name, address, NHS number (!!!), home phone number and the like were
>encrypted, the resulting system would make it quite difficult to
>identify whose records you were actually looking at.
What about data trawling - and matching databases - * electronically* ?
Suppose you have a relatively uncommon condition?
date of birth and postcode will identify you - if you have *ever* had
time offf work for this...and the information is in the DHSS database..
Seems to m this would give the worst of all poosible worlds - all the
information needed to decide whether it's worth the effort of
identifying the individual ... and precious little protection!
>This would be
>over and above the need to have got past whatever form of log on
>process you need to go through before gaining access to any records.
um .. data trawling and the "consultation" on Access to the NHS Tracing
Service and Caldicott Guardians?
We can impose a process in General Practices. if there was the will, it
*might* be possible in some trusts..
Would *you* be confident if *your* records were involved?
Don't trust "process" - we work in a caring (and trusting)
organisation...
Mary
Mary Hawking Kingsbury Court Surgery Church Street Dunstable LU5 4RS
tel:01582 663218 (surgery)fax:01582 476488 (surgery)
Member of British Healthcare Internet Association
Dunstable and Houghton Regis Locality Commisssioning Pilot
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|